Description:
Several vulnerabilities were reported in Cisco Wireless LAN Controller. A remote authenticated user can execute arbitrary code on the target system. A remote authenticated user can modify the configuration on the target system. A remote user can cause denial of service conditions.

A remote user can send specially crafted IP packets to the target device configured with Wireless Intrusion Prevention System (wIPS) via the wired or wireless interfaces to cause the target device to reload [CVE-2013-1102]. Cisco has assigned Cisco bug ID CSCtx80743 to this vulnerability.

A remote user can send specially crafted Session Initiation Protocol (SIP) packets to the target wireless access point (managed by the WLC) via the wired or wireless interfaces to cause the target device to reload [CVE-2013-1103]. Cisco has assigned Cisco bug ID CSCts87659 to this vulnerability.

A remote authenticated user can send a specially crafted UserAgent string via the wired or wireless interfaces to execute arbitrary code on the target system [CVE-2013-1104]. Only systems with the HTTP Profiling feature enabled and running version 7.3.101.0 are affected. Cisco has assigned Cisco bug ID CSCuc15636 to this vulnerability.

A remote authenticated user can view and modify the configuration of the target device via SNMP when the "management over wireless" feature is disabled [CVE-2013-1105]. Cisco has assigned Cisco bug ID CSCua60653 to this vulnerability.